<!DOCTYPE html SYSTEM "about:legacy-compat">
<html lang="en"><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8"><link href="../images/docs-stylesheet.css" rel="stylesheet" type="text/css"><title>Apache Tomcat 8 Configuration Reference (8.0.36) - The Manager Component</title><meta name="author" content="Craig R. McClanahan"><meta name="author" content="Yoav Shapira"><script type="application/javascript" data-comments-identifier="tomcat-8.0-doc/config/manager">
    "use strict"; // Enable strict mode

    (function() {
      var thisScript = document.currentScript;
      if (!thisScript) { // Workaround for IE <= 11
        var scripts = document.getElementsByTagName("script");
        thisScript = scripts[scripts.length - 1];
      }
      document.addEventListener("DOMContentLoaded", (function() {
        var commentsDiv = document.getElementById("comments_thread");
        var commentsShortname = "tomcat";
        var commentsIdentifier = "http://tomcat.apache.org/" +
          thisScript.getAttribute("data-comments-identifier") + ".html";

        (function(w, d) {
          if (w.location.hostname.toLowerCase() == "tomcat.apache.org") {
            var s = d.createElement("script");
            s.type = "application/javascript";
            s.async = true;
            s.src = "https://comments.apache.org/show_comments.lua?site=" +
              encodeURIComponent(commentsShortname) +
              "&page=" + encodeURIComponent(commentsIdentifier);
            d.head.appendChild(s);
          } else {
            commentsDiv.appendChild(d.createTextNode("Comments are disabled for this page at the moment."));
          }
        })(window, document);
      }), false);
    })();
  </script></head><body><div id="wrapper"><header><div id="header"><div><div><div class="logo noPrint"><a href="http://tomcat.apache.org/"><img alt="Tomcat Home" src="../images/tomcat.png"></a></div><div style="height: 1px;"></div><div class="asfLogo noPrint"><a href="http://www.apache.org/" target="_blank"><img src="../images/asf-feather.png" alt="The Apache Software Foundation" style="width: 266px; height: 83px;"></a></div><h1>Apache Tomcat 8 Configuration Reference</h1><div class="versionInfo">
          Version 8.0.36,
          <time datetime="2016-06-09">Jun 9 2016</time></div><div style="height: 1px;"></div><div style="clear: left;"></div></div></div></div></header><div id="middle"><div><div id="mainLeft" class="noprint"><div><nav><div><h2>Links</h2><ul><li><a href="../index.html">Docs Home</a></li><li><a href="index.html">Config Ref. Home</a></li><li><a href="http://wiki.apache.org/tomcat/FAQ">FAQ</a></li><li><a href="#comments_section">User Comments</a></li></ul></div><div><h2>Top Level Elements</h2><ul><li><a href="server.html">Server</a></li><li><a href="service.html">Service</a></li></ul></div><div><h2>Executors</h2><ul><li><a href="executor.html">Executor</a></li></ul></div><div><h2>Connectors</h2><ul><li><a href="http.html">HTTP</a></li><li><a href="ajp.html">AJP</a></li></ul></div><div><h2>Containers</h2><ul><li><a href="context.html">Context</a></li><li><a href="engine.html">Engine</a></li><li><a href="host.html">Host</a></li><li><a href="cluster.html">Cluster</a></li></ul></div><div><h2>Nested Components</h2><ul><li><a href="cookie-processor.html">CookieProcessor</a></li><li><a href="credentialhandler.html">CredentialHandler</a></li><li><a href="globalresources.html">Global Resources</a></li><li><a href="jar-scanner.html">JarScanner</a></li><li><a href="jar-scan-filter.html">JarScanFilter</a></li><li><a href="listeners.html">Listeners</a></li><li><a href="loader.html">Loader</a></li><li><a href="manager.html">Manager</a></li><li><a href="realm.html">Realm</a></li><li><a href="resources.html">Resources</a></li><li><a href="sessionidgenerator.html">SessionIdGenerator</a></li><li><a href="valve.html">Valve</a></li></ul></div><div><h2>Cluster Elements</h2><ul><li><a href="cluster.html">Cluster</a></li><li><a href="cluster-manager.html">Manager</a></li><li><a href="cluster-channel.html">Channel</a></li><li><a href="cluster-membership.html">Channel/Membership</a></li><li><a href="cluster-sender.html">Channel/Sender</a></li><li><a href="cluster-receiver.html">Channel/Receiver</a></li><li><a href="cluster-interceptor.html">Channel/Interceptor</a></li><li><a href="cluster-valve.html">Valve</a></li><li><a href="cluster-deployer.html">Deployer</a></li><li><a href="cluster-listener.html">ClusterListener</a></li></ul></div><div><h2>web.xml</h2><ul><li><a href="filter.html">Filter</a></li></ul></div><div><h2>Other</h2><ul><li><a href="systemprops.html">System properties</a></li></ul></div></nav></div></div><div id="mainRight"><div id="content"><h2>The Manager Component</h2><h3 id="Table_of_Contents">Table of Contents</h3><div class="text">
<ul><li><a href="#Introduction">Introduction</a></li><li><a href="#Attributes">Attributes</a><ol><li><a href="#Common_Attributes">Common Attributes</a></li><li><a href="#Standard_Implementation">Standard Implementation</a></li></ol></li><li><a href="#Nested_Components">Nested Components</a></li><li><a href="#Special_Features">Special Features</a><ol><li><a href="#Persistence_Across_Restarts">Persistence Across Restarts</a></li><li><a href="#Disable_Session_Persistence">Disable Session Persistence</a></li></ol></li></ul>
</div><h3 id="Introduction">Introduction</h3><div class="text">

  <p>The <strong>Manager</strong> element represents the <em>session
  manager</em> that will be used to create and maintain HTTP sessions
  as requested by the associated web application.</p>

  <p>A Manager element MAY be nested inside a
  <a href="context.html">Context</a> component.  If it is not included,
  a default Manager configuration will be created automatically, which
  is sufficient for most requirements, &mdash; see
  <em>Standard Manager Implementation</em> below for the details
  of this configuration.</p>

</div><h3 id="Attributes">Attributes</h3><div class="text">

  <div class="subsection"><h4 id="Common_Attributes">Common Attributes</h4><div class="text">

    <p>All implementations of <strong>Manager</strong>
    support the following attributes:</p>

    <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><code class="attributeName">className</code></td><td>
        <p>Java class name of the implementation to use.  This class must
        implement the <code>org.apache.catalina.Manager</code> interface.
        If not specified, the standard value (defined below) will be used.</p>
      </td></tr><tr><td><code class="attributeName">distributable</code></td><td>
        <p><strong>Deprecated</strong>: This should be configured via the
        Context.</p>
        <p>Set to <code>true</code> to ask the session manager to enforce
        the restrictions described in the Servlet Specification on
        distributable applications (primarily, this would mean that all
        session attributes must implement <code>java.io.Serializable</code>).
        Set to <code>false</code> (the default) to not enforce these
        restrictions.</p>

        <p><strong>NOTE</strong> - The value for this property is inherited
        automatically based on the presence or absence of the
        <code>&lt;distributable&gt;</code> element in the web application
        deployment descriptor (<code>/WEB-INF/web.xml</code>).</p>
      </td></tr><tr><td><code class="attributeName">maxActiveSessions</code></td><td>
        <p>The maximum number of active sessions that will be created by
        this Manager, or <code>-1</code> (the default) for no limit.</p>

        <p>When the limit is reached, any attempt to create a new session
        (e.g. with <code>HttpServletRequest.getSession()</code> call)
        will fail with an <code>IllegalStateException</code>.</p>
      </td></tr><tr><td><code class="attributeName">maxInactiveInterval</code></td><td>
        <p><strong>Deprecated</strong>: This should be configured via the
        Context.</p>
        <p>The initial maximum time interval, in seconds,
        between client requests before a session is invalidated. A negative value
        will result in sessions never timing out. If the attribute is not provided,
        a default of 1800 seconds (30 minutes) is used.</p>

        <p>This attribute provides the initial value whenever a
        new session is created, but the interval may be dynamically
        varied by a servlet via the
        <code>setMaxInactiveInterval</code> method of the <code>HttpSession</code> object.</p>
      </td></tr><tr><td><code class="attributeName">sessionIdLength</code></td><td>
       <p>The length of session ids created by this Manager, measured in bytes,
        excluding subsequent conversion to a hexadecimal string and
        excluding any JVM route information used for load balancing.
        This attribute is deprecated. Set the length on a nested
        <strong>SessionIdGenerator</strong> element instead.</p>
      </td></tr></table>

  </div></div>


  <div class="subsection"><h4 id="Standard_Implementation">Standard Implementation</h4><div class="text">

    <p>Tomcat provides two standard implementations of <strong>Manager</strong>
    for use &mdash; the default one stores active sessions, while the optional one
    stores active sessions that have been swapped out (in addition to saving
    sessions across a restart of Tomcat) in a storage location that is selected
    via the use of an appropriate <strong>Store</strong> nested element.</p>

    <h3>Standard Manager Implementation</h3>

    <p>The standard implementation of <strong>Manager</strong> is
    <strong>org.apache.catalina.session.StandardManager</strong>.
    It supports the following additional attributes (in addition to the
    common attributes listed above):</p>

    <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><code class="attributeName">pathname</code></td><td>
        <p>Absolute or relative (to the work directory for this Context)
        pathname of the file in which session state will be preserved
        across application restarts, if possible.  The default is
        "SESSIONS.ser".<br>See
        <a href="#Persistence_Across_Restarts">Persistence Across Restarts</a>
        for more information. This persistence may be
        disabled by setting this attribute to an empty string.</p>
      </td></tr><tr><td><code class="attributeName">processExpiresFrequency</code></td><td>
        <p>Frequency of the session expiration, and related manager operations.
        Manager operations will be done once for the specified amount of
        backgroundProcess calls (i.e., the lower the amount, the more often the
        checks will occur). The minimum value is 1, and the default value is 6.
        </p>
      </td></tr><tr><td><code class="attributeName">secureRandomClass</code></td><td>
        <p>Name of the Java class that extends
        <code>java.security.SecureRandom</code> to use to generate session IDs.
        If not specified, the default value is
        <code>java.security.SecureRandom</code>.</p>
      </td></tr><tr><td><code class="attributeName">secureRandomProvider</code></td><td>
        <p>Name of the provider to use to create the
        <code>java.security.SecureRandom</code> instances that generate session
        IDs. If an invalid algorithm and/or provider is specified, the Manager
        will use the platform default provider and the default algorithm. If not
        specified, the platform default provider will be used.</p>
      </td></tr><tr><td><code class="attributeName">secureRandomAlgorithm</code></td><td>
        <p>Name of the algorithm to use to create the
        <code>java.security.SecureRandom</code> instances that generate session
        IDs. If an invalid algorithm and/or provider is specified, the Manager
        will use the platform default provider and the default algorithm. If not
        specified, the default algorithm of SHA1PRNG will be used. If the
        default algorithm is not supported, the platform default will be used.
        To specify that the platform default should be used, do not set the
        secureRandomProvider attribute and set this attribute to the empty
        string.</p>
      </td></tr><tr><td><code class="attributeName">sessionAttributeNameFilter</code></td><td>
        <p>A regular expression used to filter which session attributes will be
        distributed. An attribute will only be distributed if its name matches
        this pattern. If the pattern is zero length or <code>null</code>, all
        attributes are eligible for distribution. The pattern is anchored so the
        session attribute name must fully match the pattern. As an example, the
        value <code>(userName|sessionHistory)</code> will only distribute the
        two session attributes named <code>userName</code> and
        <code>sessionHistory</code>. If not specified, the default value of
        <code>null</code> will be used.</p>
      </td></tr><tr><td><code class="attributeName">sessionAttributeValueClassNameFilter</code></td><td>
        <p>A regular expression used to filter which session attributes will be
        distributed. An attribute will only be distributed if the implementation
        class name of the value matches this pattern. If the pattern is zero
        length or <code>null</code>, all attributes are eligible for
        distribution. The pattern is anchored so the fully qualified class name
        must fully match the pattern. If not specified, the default value of
        <code>null</code> will be used unless a <code>SecurityManager</code> is
        enabled in which case the default will be
        <code>java\\.lang\\.(?:Boolean|Integer|Long|Number|String)</code>.</p>
      </td></tr><tr><td><code class="attributeName">warnOnSessionAttributeFilterFailure</code></td><td>
        <p>If <strong>sessionAttributeNameFilter</strong> or
        <strong>sessionAttributeValueClassNameFilter</strong> blocks an
        attribute, should this be logged at <code>WARN</code> level? If
        <code>WARN</code> level logging is disabled then it will be logged at
        <code>DEBUG</code>. The default value of this attribute is
        <code>false</code> unless a <code>SecurityManager</code> is enabled in
        which case the default will be <code>true</code>.</p>
      </td></tr></table>

    <h3>Persistent Manager Implementation</h3>

    <p><strong>NOTE:</strong> You must set either the
    <code>org.apache.catalina.session.StandardSession.ACTIVITY_CHECK</code> or
    <code>org.apache.catalina.STRICT_SERVLET_COMPLIANCE</code>
    <a href="systemprops.html">system properties</a> to <code>true</code> for
    the persistent manager to work correctly.</p>

    <p>The persistent implementation of <strong>Manager</strong> is
    <strong>org.apache.catalina.session.PersistentManager</strong>.  In
    addition to the usual operations of creating and deleting sessions, a
    <code>PersistentManager</code> has the capability to swap active (but
    idle) sessions out to a persistent storage mechanism, as well as to save
    all sessions across a normal restart of Tomcat.  The actual persistent
    storage mechanism used is selected by your choice of a
    <strong>Store</strong> element nested inside the <strong>Manager</strong>
    element - this is required for use of <code>PersistentManager</code>.</p>

    <p>This implementation of Manager supports the following attributes in
    addition to the <a href="#Common_Attributes">Common Attributes</a>
    described earlier.</p>

    <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><strong><code class="attributeName">className</code></strong></td><td>
        <p>It has the same meaning as described in the
        <a href="#Common_Attributes">Common Attributes</a> above.
        You <strong>must</strong> specify
        <code>org.apache.catalina.session.PersistentManager</code> to use
        this manager implementation.</p>
      </td></tr><tr><td><code class="attributeName">maxIdleBackup</code></td><td>
        <p>The time interval (in seconds) since the last access to a session
        before it is eligible for being persisted to the session store, or
        <code>-1</code> to disable this feature.  By default, this feature is
        disabled.</p>
      </td></tr><tr><td><code class="attributeName">maxIdleSwap</code></td><td>
        <p>The maximum time a session may be idle before it is eligible to be
        swapped to disk due to inactivity. Setting this to <code>-1</code> means
        sessions should not be swapped out just because of inactivity. If this
        feature is enabled, the time interval specified here should be equal to
        or longer than the value specified for <code>maxIdleBackup</code>. By
        default, this feature is disabled.</p>
      </td></tr><tr><td><code class="attributeName">minIdleSwap</code></td><td>
        <p>The minimum time in seconds a session must be idle before it is
        eligible to be swapped to disk to keep the active session count below
        maxActiveSessions. Setting to <code>-1</code> means sessions will not be
        swapped out to keep the active session count down. If specified, this
        value should be less than that specified by <code>maxIdleSwap</code>.
        By default, this value is set to <code>-1</code>.</p>
      </td></tr><tr><td><code class="attributeName">processExpiresFrequency</code></td><td>
        <p>It is the same as described above for the
        <code>org.apache.catalina.session.StandardManager</code> class.
        </p>
      </td></tr><tr><td><code class="attributeName">saveOnRestart</code></td><td>
        <p>Should all sessions be persisted and reloaded when Tomcat is shut
        down and restarted (or when this application is reloaded)?  By default,
        this attribute is set to <code>true</code>.</p>
      </td></tr><tr><td><code class="attributeName">secureRandomClass</code></td><td>
        <p>It is the same as described above for the
        <code>org.apache.catalina.session.StandardManager</code> class.
        </p>
      </td></tr><tr><td><code class="attributeName">secureRandomProvider</code></td><td>
        <p>It is the same as described above for the
        <code>org.apache.catalina.session.StandardManager</code> class.
        </p>
      </td></tr><tr><td><code class="attributeName">secureRandomAlgorithm</code></td><td>
        <p>It is the same as described above for the
        <code>org.apache.catalina.session.StandardManager</code> class.
        </p>
      </td></tr><tr><td><code class="attributeName">sessionAttributeNameFilter</code></td><td>
        <p>A regular expression used to filter which session attributes will be
        distributed. An attribute will only be distributed if its name matches
        this pattern. If the pattern is zero length or <code>null</code>, all
        attributes are eligible for distribution. The pattern is anchored so the
        session attribute name must fully match the pattern. As an example, the
        value <code>(userName|sessionHistory)</code> will only distribute the
        two session attributes named <code>userName</code> and
        <code>sessionHistory</code>. If not specified, the default value of
        <code>null</code> will be used.</p>
      </td></tr><tr><td><code class="attributeName">sessionAttributeValueClassNameFilter</code></td><td>
        <p>A regular expression used to filter which session attributes will be
        distributed. An attribute will only be distributed if the implementation
        class name of the value matches this pattern. If the pattern is zero
        length or <code>null</code>, all attributes are eligible for
        distribution. The pattern is anchored so the fully qualified class name
        must fully match the pattern. If not specified, the default value of
        <code>null</code> will be used unless a <code>SecurityManager</code> is
        enabled in which case the default will be
        <code>java\\.lang\\.(?:Boolean|Integer|Long|Number|String)</code>.</p>
      </td></tr><tr><td><code class="attributeName">warnOnSessionAttributeFilterFailure</code></td><td>
        <p>If <strong>sessionAttributeNameFilter</strong> or
        <strong>sessionAttributeValueClassNameFilter</strong> blocks an
        attribute, should this be logged at <code>WARN</code> level? If
        <code>WARN</code> level logging is disabled then it will be logged at
        <code>DEBUG</code>. The default value of this attribute is
        <code>false</code> unless a <code>SecurityManager</code> is enabled in
        which case the default will be <code>true</code>.</p>
      </td></tr></table>

    <p>In order to successfully use a PersistentManager, you must nest inside
    it a <strong>&lt;Store&gt;</strong> element, as described below.</p>

  </div></div>


</div><h3 id="Nested_Components">Nested Components</h3><div class="text">

  <h3>All Manager Implementations</h3>

  <p>All Manager implementations allow nesting of a
  <strong>&lt;SessionIdGenerator&gt;</strong> element. It defines
  the behavior of session id generation.  All implementations
  of the <a href="sessionidgenerator.html">SessionIdGenerator</a> allow the
  following attributes:
  </p>

  <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><code class="attributeName">sessionIdLength</code></td><td>
      <p>The length of the session ID may be changed with the
      <strong>sessionIdLength</strong> attribute.
      </p>
    </td></tr></table>

  <h3>Persistent Manager Implementation</h3>

  <p>If you are using the <em>Persistent Manager Implementation</em>
  as described above, you <strong>MUST</strong> nest a
  <strong>&lt;Store&gt;</strong> element inside, which defines the
  characteristics of the persistent data storage.  Two implementations
  of the <code>&lt;Store&gt;</code> element are currently available,
  with different characteristics, as described below.</p>

  <h5>File Based Store</h5>

  <p>The <em>File Based Store</em> implementation saves swapped out
  sessions in individual files (named based on the session identifier)
  in a configurable directory.  Therefore, you are likely to encounter
  scalability problems as the number of active sessions increases, and
  this should primarily be considered a means to easily experiment.</p>

  <p>To configure this, add a <code>&lt;Store&gt;</code> nested inside
  your <code>&lt;Manager&gt;</code> element with the following attributes:
  </p>

  <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><strong><code class="attributeName">className</code></strong></td><td>
      <p>Java class name of the implementation to use.  This class must
      implement the <code>org.apache.catalina.Store</code> interface.  You
      <strong>must</strong> specify
      <code>org.apache.catalina.session.FileStore</code>
      to use this implementation.</p>
    </td></tr><tr><td><code class="attributeName">directory</code></td><td>
      <p>Absolute or relative (to the temporary work directory for this web
      application) pathname of the directory into which individual session
      files are written.  If not specified, the temporary work directory
      assigned by the container is utilized.</p>
    </td></tr></table>


  <h5>JDBC Based Store</h5>

  <p>The <em>JDBC Based Store</em> implementation saves swapped out
  sessions in individual rows of a preconfigured table in a database
  that is accessed via a JDBC driver.  With large numbers of swapped out
  sessions, this implementation will exhibit improved performance over
  the File Based Store described above.</p>

  <p>To configure this, add a <code>&lt;Store&gt;</code> nested inside
  your <code>&lt;Manager&gt;</code> element with the following attributes:
  </p>

  <table class="defaultTable"><tr><th style="width: 15%;">
          Attribute
        </th><th style="width: 85%;">
          Description
        </th></tr><tr><td><strong><code class="attributeName">className</code></strong></td><td>
      <p>Java class name of the implementation to use.  This class must
      implement the <code>org.apache.catalina.Store</code> interface.  You
      <strong>must</strong> specify
      <code>org.apache.catalina.session.JDBCStore</code>
      to use this implementation.</p>
    </td></tr><tr><td><strong><code class="attributeName">connectionName</code></strong></td><td>
      <p>The user name that will be handed to the configured JDBC driver to
      establish a connection to the database containing the session table.</p>
    </td></tr><tr><td><strong><code class="attributeName">connectionPassword</code></strong></td><td>
      <p>The password that will be handed to the configured JDBC driver to
      establish a connection to the database containing the session table.</p>
    </td></tr><tr><td><strong><code class="attributeName">connectionURL</code></strong></td><td>
      <p>The connection URL that will be handed to the configured JDBC
      driver to establish a connection to the database containing our
      session table.</p>
    </td></tr><tr><td><code class="attributeName">dataSourceName</code></td><td>
      <p>Name of the JNDI resource for a JDBC DataSource-factory. If this option
      is given and a valid JDBC resource can be found, it will be used and any
      direct configuration of a JDBC connection via <code>connectionURL</code>,
      <code>connectionName</code>, <code>connectionPassword</code> and
      <code>driverName</code> will be ignored. Since this code uses prepared
      statements, you might want to configure pooled prepared statements as
      shown in <a href="../jndi-resources-howto.html">the JNDI resources
      HOW-TO</a>.</p>
    </td></tr><tr><td><strong><code class="attributeName">driverName</code></strong></td><td>
      <p>Java class name of the JDBC driver to be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionAppCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains the Engine, Host, and Web Application Context name in the
      format <code>/Engine/Host/Context</code>. If not specified the default
      value of <code>app</code> will be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionDataCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains the serialized form of all session attributes for a swapped
      out session. The column type must accept a binary object (typically called
      a BLOB). If not specified the default value of <code>data</code> will be
      used.</p>
    </td></tr><tr><td><code class="attributeName">sessionIdCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains the session identifier of the swapped out session. The
      column type must accept character string data of at least as many
      characters as are contained in session identifiers created by Tomcat
      (typically 32). If not specified the default value of <code>id</code> will
      be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionLastAccessedCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains the <code>lastAccessedTime</code> property of this session.
      The column type must accept a Java <code>long</code> (64 bits). If not
      specified the default value of <code>maxinactive</code> will be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionMaxInactiveCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains the <code>maxInactiveInterval</code> property of this
      session. The column type must accept a Java <code>integer</code> (32
      bits). If not specified, the default value of <code>maxinactive</code>
      will be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionTable</code></td><td>
      <p>Name of the database table to be used for storing swapped out sessions.
      This table must contain (at least) the database columns that are
      configured by the other attributes of this element. If not specified the
      default value of <code>tomcat$sessions</code> will be used.</p>
    </td></tr><tr><td><code class="attributeName">sessionValidCol</code></td><td>
      <p>Name of the database column, contained in the specified session table,
      that contains a flag indicating whether this swapped out session is still
      valid or not. The column type must accept a single character. If not
      specified the default value of <code>valid</code> will be used.</p>
    </td></tr></table>

  <p>Before attempting to use the JDBC Based Store for the first time,
  you must create the table that will be used to store swapped out sessions.
  Detailed SQL commands vary depending on the database you are using, but
  a script like this will generally be required:</p>

<div class="codeBox"><pre><code>create table tomcat_sessions (
  session_id     varchar(100) not null primary key,
  valid_session  char(1) not null,
  max_inactive   int not null,
  last_access    bigint not null,
  app_name       varchar(255),
  session_data   mediumblob,
  KEY kapp_name(app_name)
);</code></pre></div>

  <p>Note: The SQL command above does not use the default names for either the
  table or the columns so the JDBC Store would need to be configured to reflect
  this.</p>

  <p>In order for the JDBC Based Store to successfully connect to your
  database, the JDBC driver you configure must be visible to Tomcat's
  internal class loader.  Generally, that means you must place the JAR
  file containing this driver into the <code>$CATALINA_HOME/lib</code>
  directory.</p>

</div><h3 id="Special_Features">Special Features</h3><div class="text">


  <div class="subsection"><h4 id="Persistence_Across_Restarts">Persistence Across Restarts</h4><div class="text">

    <p>Whenever Apache Tomcat is shut down normally and restarted, or when an
    application reload is triggered, the standard Manager implementation
    will attempt to serialize all currently active sessions to a disk
    file located via the <code>pathname</code> attribute.  All such saved
    sessions will then be deserialized and activated (assuming they have
    not expired in the mean time) when the application reload is completed.</p>

    <p>In order to successfully restore the state of session attributes,
    all such attributes MUST implement the <code>java.io.Serializable</code>
    interface.  You MAY cause the Manager to enforce this restriction by
    including the <code>&lt;distributable&gt;</code> element in your web
    application deployment descriptor (<code>/WEB-INF/web.xml</code>).</p>

    <p>The persistence across restarts provided by the
    <strong>StandardManager</strong> is a simpler implementation than that
    provided by the <strong>PersistentManager</strong>. If robust, production
    quality persistence across restarts is required then the
    <strong>PersistentManager</strong> should be used with an appropriate
    configuration.</p>

  </div></div>

  <div class="subsection"><h4 id="Disable_Session_Persistence">Disable Session Persistence</h4><div class="text">

    <p>As documented above, every web application by default has
    standard manager implementation configured, and it performs session
    persistence across restarts. To disable this persistence feature, create
    a <a href="context.html">Context</a> configuration file for your web
    application and add the following element there:</p>

    <div class="codeBox"><pre><code>&lt;Manager pathname="" /&gt;</code></pre></div>
  </div></div>

</div><div class="noprint"><h3 id="comments_section">
                  Comments
                </h3><div class="text"><p class="notice"><strong>Notice: </strong>This comments section collects your suggestions
                    on improving documentation for Apache Tomcat.<br><br>
                    If you have trouble and need help, read
                    <a href="http://tomcat.apache.org/findhelp.html">Find Help</a> page
                    and ask your question on the tomcat-users
                    <a href="http://tomcat.apache.org/lists.html">mailing list</a>.
                    Do not ask such questions here. This is not a Q&amp;A section.<br><br>
                    The Apache Comments System is explained <a href="../comments.html">here</a>.
                    Comments may be removed by our moderators if they are either
                    implemented or considered invalid/off-topic.
                  </p><div id="comments_thread"></div></div></div></div></div></div></div><footer><div id="footer">
    Copyright &copy; 1999-2016, The Apache Software Foundation
  </div></footer></div></body></html>